package com.loren.oauth.web.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
@RequestMapping
public class OAuthController {

	@ResponseBody
	@GetMapping("/oauth/user-info")
	public Object userInfo() {
		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
		OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) authentication.getDetails();
		return details.getDecodedDetails();
	}

	@ResponseBody
	@GetMapping("hello")
	@PreAuthorize("hasAuthority('super')")
	public String hello() {
		return "authorization server";
	}
}
